CLAIMS 

What is claimed as new and desired to be protected by 
Letters Patent of the United States is: 

1 . A method for providing file contents comprising the steps 
of: 

transmitting, by a client node, a request for a file; 
receiving, by an access control server, a request for a file; 
making, by an access control server, an access control 
decision; 

determining a file type for the file; 

determining an identifier for an application program 

associated with the file type; and 

presenting the contents of the file to the client node. 

2. The method of claim 1 wherein step (f) further comprises 
presenting, by an application server in an application server 
farm, the contents of the file to the client node. 

3. The method of claim 1 further comprising determining, by 
a first application server in the application server farm, an 
application program associated with the file type. 



4. The method of claim 3 further comprising presenting, by 
the first application server in the application server farm, 
the contents of the file to the client node. 

5. The method of claim 3 further comprising presenting, by a 
second application server in the application server farm, the 
contents of the file to the client node. 

6. The method of claim 1 wherein step (d) further comprises, 
determining, by an access control server, a file type for the 
file. 

7. The method of claim 1 wherein step (d) further comprises, 
determining, by an application server in an application 
server farm, a file type for the file. 

8. The method of claim 1 wherein step (e) further comprises 
determining, by an access control server, an identifier for 
an application program associated with the file type. 

9. The method of claim 1 wherein step (e) further comprises 
determining, by an application server in an application 
server farm, an identifier for an application program 
associated with the file type. 



1 0. The method of claim 1 further comprising the step of 

acquiring, by the access control server, information about 
the client node. 

1 1 . The method of claim 1 0 wherein step (c) further comprises 
comparing the information acquired by the access control 
server to a policy to make the access control decision. 

1 2. The method of claim 1 0 wherein step (f) further comprises 
using, by an application server, acquired information to 
select a format for the presentation of the file contents. 

1 3. The method of claim 1 0 wherein step (f) further comprises 
presenting the contents of the file by applying a policy to 
the acquired information to select a format for presentation 
of the file contents. 

14. The method of claim 1 further comprising the step of 
transmitting, by the access control server, a collection 
agent to the client node. 

1 5. The method of claim 1 further comprising the step of 

acquiring, by the access control server, information about 
the client node using a collection agent. 



1 6. The method of claim 1 5 wherein step (c) further comprises 
comparing the information acquired by the collection agent 
to a policy to make the access control decision. 

1 7. The method of claim 1 wherein step (c) further comprises 
rejecting, by the access control server, the request. 

1 8. The method of claim 1 wherein step (d) further comprises 
determining, by the access control server, the file type by 
extracting a file extension. 

1 9. The method of claim 1 wherein step (e) further comprises 
determining, by an application server, the identifier of the 
application program by querying a database for the 
application program to use with a file extension. 

20. The method of claim 1 further comprising the step of 
retrieving the file from a file server. 

21 . The method of claim 20 further comprising the step of 
retrieving, by an application server, the file from a file 
server. 



22. The method of claim 20 further comprising the step of 
retrieving, by an access control server, the file from a file 
server. 

23. The method of claim 1 further comprising the step of 
retrieving the file from a web server. 

24. The method of claim 23 further comprising the step of 
retrieving, by an application server, the file from a web 
server. 

25. The method of claim 23 further comprising the step of 
retrieving, by an access control server, the file from a web 
server. 

26. The method of claim 1 further comprising the step of 
retrieving the file from an email server. 

27. The method of claim 26 further comprising the step of 
retrieving, by an application server, the file from an email 
server. 



28. The method of claim 26 further comprising the step of 
retrieving, by an access control server, the file from an 
email server. 

29. The method of claim 1 further comprising the step of 
connecting, by the client node, to an application server. 

30. The method of claim 29 wherein step (f) further comprises 
presenting the contents of the file to the client node over 
the connection. 

31 . The method of claim 1 further comprising the step of 
transmitting, by an access control server, an executable file 
to the client node. 

32. The method of claim 31 further comprising identifying, by 
the executable file, the application server opening the file 
for the client node. 

33. The method of claim 1 wherein step (a) further comprises 
the client node residing on a first network separated from a 
second network by a network boundary, the client node 
requesting a file from an access control server, residing on 
the second network. 



34. The method of claim 27 wherein step (d) further comprises 
the access control server downloading the file from a 
content server. 

35. A system for providing file contents comprising: 
a client node requesting a file; 

an access control server receiving the request for the file 
and making an access control decision; and 
an application server presenting the file contents to the 
client node using an application program associated with a 
file type for the requested file. 

36. The system of claim 35 wherein the application server 
further comprises identifying the application program 
associated with the file type. 

37. The system of claim 35 wherein the access control server 
further comprises identifying the application program 
associated with the file type. 

38. The system of claim 35 wherein the access control server 
further comprises a database storing at least one policy. 



39. The system of claim 35 wherein the access control server 
further comprises a collection agent acquiring information 
about the client node. 

40. The system of claim 39 wherein the access control server 
further comprises making an access control decision based 
on the information acquired by the collection agent. 

41 . The system of claim 39 wherein the access control server 
further comprises making an access control decision by 
applying a policy to the information acquired by the 
collection agent. 

42. The system of claim 39 wherein the collection agent 
acquires information about the client node regarding device 
type. 

43. The system of claim 39 wherein the collection agent 
acquires information about the client node regarding 
network connection information. 

44. The system of claim 39 wherein the collection agent 
acquires information about the client node regarding 
authorization credentials. 



45. The system of claim 35 wherein the application server 
includes a database containing at least one application 
program associated with at least one file type. 

46. The system of claim 45 wherein the application server 
further comprises determining an identifier for an 
application program by querying the database. 

47. The system from claim 35 wherein the access control server 
transmits an executable file to the client node. 

48. The system from claim 47 wherein the executable file 
includes an identifier for the application program 
associated with the file. 

49. The system from claim 47 wherein the executable file 
identifies an application server. 

50. The system from claim 47 wherein the client node makes a 
connection to the application server identified by the 
executable file. 

51 . The system from claim 47 wherein the application server 
accepts a connection from the client node. 



52. The system from claim 47 wherein the client node transmits 
the identifier for the application program identified by the 
executable file to the application server. 

53. The system from claim 47 wherein the application server 
presents the file contents over the connection to the client 
node. 



